Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/BBOcQdtiK1f-Mqz4knU6rrrax_k.roa
File: BBOcQdtiK1f-Mqz4knU6rrrax_k.roa (raw, json)
Hash identifier: FB7kxsM81OfCpEsa9aE8nPSJbzgjnThfY9L9xg/n1O0=
Subject key identifier: 04:13:9C:41:DB:62:2B:57:FE:32:AC:F8:92:75:3A:AE:BA:DA:C7:F9
Certificate issuer: /CN=52e400eba3790a245cdab4b4e67bb4d60bbe7b40
Certificate serial: CEC1B2
Authority key identifier: 52:E4:00:EB:A3:79:0A:24:5C:DA:B4:B4:E6:7B:B4:D6:0B:BE:7B:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuQA66N5CiRc2rS05nu01gu-e0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/BBOcQdtiK1f-Mqz4knU6rrrax_k.roa
Signing time: Mon 28 Mar 2022 17:00:44 +0000
ROA not before: Mon 28 Mar 2022 17:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209023
IP address blocks: 45.9.38.0/24 maxlen: 24
45.9.37.0/24 maxlen: 24
45.9.36.0/22 maxlen: 22
45.9.36.0/24 maxlen: 24
45.9.39.0/24 maxlen: 24
188.213.219.0/24 maxlen: 24
188.213.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13550002 (0xcec1b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52e400eba3790a245cdab4b4e67bb4d60bbe7b40
Validity
Not Before: Mar 28 17:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=04139c41db622b57fe32acf892753aaebadac7f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:87:26:44:59:4a:87:5f:3f:d5:1a:25:a9:5b:
32:f6:95:1b:1c:0a:77:19:7f:f5:49:44:e7:b8:b0:
97:73:3f:07:03:b2:e8:91:ef:9d:4b:63:70:cb:f3:
aa:8c:53:02:a9:31:35:d7:c1:6a:f7:86:ed:c1:4e:
87:70:b3:d2:f1:a4:81:3c:23:80:7d:c4:85:b6:95:
2b:6f:7a:d0:d3:de:78:db:91:15:06:fd:31:f2:99:
8c:a7:e0:5f:1f:02:66:8e:b1:f1:95:5e:19:bc:89:
2f:79:cd:e7:b5:8b:05:65:2f:cd:b7:2b:58:4c:f3:
a8:4d:d5:5a:08:25:e2:60:9b:c6:0b:7a:5e:20:19:
93:55:4b:f6:b9:70:f9:79:69:ea:2f:56:ab:d2:c9:
0e:fe:b0:fa:5b:2c:78:43:6e:ec:f2:8e:31:aa:80:
6f:52:78:54:72:22:cb:12:95:a1:81:8d:5d:de:09:
ce:c4:0b:63:2b:6f:82:fd:96:41:53:81:c1:e4:cb:
e2:73:ff:de:bf:23:00:92:73:f2:a8:4d:fa:96:9e:
60:cc:ec:91:21:e2:7d:ce:a7:3f:16:67:81:2e:8e:
12:a7:08:d9:af:a4:69:9c:c1:2a:7d:f1:6e:b4:1a:
02:25:f1:43:05:f9:db:be:16:1f:b5:b0:4e:29:c0:
04:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:13:9C:41:DB:62:2B:57:FE:32:AC:F8:92:75:3A:AE:BA:DA:C7:F9
X509v3 Authority Key Identifier:
keyid:52:E4:00:EB:A3:79:0A:24:5C:DA:B4:B4:E6:7B:B4:D6:0B:BE:7B:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuQA66N5CiRc2rS05nu01gu-e0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/BBOcQdtiK1f-Mqz4knU6rrrax_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e3d19f-28fb-45cb-afe0-f97ad3044e02/1/UuQA66N5CiRc2rS05nu01gu-e0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.36.0/22
188.213.219.0/24
188.213.240.0/24
Signature Algorithm: sha256WithRSAEncryption
74:08:85:e9:fc:53:bf:23:67:46:83:c0:f0:5f:55:c5:2d:31:
23:12:96:3f:38:21:46:de:0a:b1:4f:87:e5:a8:a7:02:66:75:
e2:b1:48:46:01:6b:02:51:84:5a:1a:32:6f:50:34:ef:c8:4e:
14:b1:bd:ca:7b:d0:71:d9:77:62:6c:21:91:7e:4d:64:31:c2:
10:1f:11:a5:34:4f:4d:b9:b7:4b:cd:65:69:28:ec:07:e9:d6:
12:11:32:d7:67:32:11:35:3d:05:c3:f2:6a:6e:89:1b:1d:05:
09:a7:48:27:d9:7e:62:47:46:91:8a:ad:b5:1a:52:1a:81:c4:
bf:ff:e3:f0:e9:13:45:28:3c:be:80:03:f3:19:a3:03:80:71:
ab:4b:7d:ed:2a:0f:0f:f8:96:26:b6:55:dc:da:22:e9:22:96:
62:77:1c:e9:5f:cb:15:1c:1e:c0:5d:9f:cc:bb:e5:6c:7c:bb:
97:1a:65:23:6f:9e:76:72:d0:9b:ab:a6:02:f5:5d:ef:33:04:
c6:a4:4d:09:20:b0:95:04:b3:8d:40:57:44:a0:97:52:6b:a2:
17:21:bf:93:af:db:0a:3d:c4:06:ae:a3:94:33:56:fb:2b:79:
8a:78:8e:ec:29:cb:73:89:a7:f1:12:18:90:1e:03:82:cd:39:
aa:cd:ad:ff
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAM7BsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MmU0MDBlYmEzNzkwYTI0NWNkYWI0YjRlNjdiYjRkNjBiYmU3YjQwMB4XDTIyMDMy
ODE3MDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQxMzljNDFkYjYy
MmI1N2ZlMzJhY2Y4OTI3NTNhYWViYWRhYzdmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGHJkRZSodfP9UaJalbMvaVGxwKdxl/9UlE57iwl3M/BwOy
6JHvnUtjcMvzqoxTAqkxNdfBaveG7cFOh3Cz0vGkgTwjgH3EhbaVK2960NPeeNuR
FQb9MfKZjKfgXx8CZo6x8ZVeGbyJL3nN57WLBWUvzbcrWEzzqE3VWggl4mCbxgt6
XiAZk1VL9rlw+Xlp6i9Wq9LJDv6w+lsseENu7PKOMaqAb1J4VHIiyxKVoYGNXd4J
zsQLYytvgv2WQVOBweTL4nP/3r8jAJJz8qhN+paeYMzskSHifc6nPxZngS6OEqcI
2a+kaZzBKn3xbrQaAiXxQwX5274WH7WwTinABAkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQEE5xB22IrV/4yrPiSdTquutrH+TAfBgNVHSMEGDAWgBRS5ADro3kKJFza
tLTme7TWC757QDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1V1UUE2Nk41Q2lSYzJyUzA1bnUwMWd1LWUwQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvZTNkMTlmLTI4ZmItNDVjYi1hZmUwLWY5N2FkMzA0NGUwMi8x
L0JCT2NRZHRpSzFmLU1xejRrblU2cnJyYXhfay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
ZTNkMTlmLTI4ZmItNDVjYi1hZmUwLWY5N2FkMzA0NGUwMi8xL1V1UUE2Nk41Q2lS
YzJyUzA1bnUwMWd1LWUwQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi0JJAMEALzV2wMEALzV8DANBgkq
hkiG9w0BAQsFAAOCAQEAdAiF6fxTvyNnRoPA8F9VxS0xIxKWPzghRt4KsU+H5ain
AmZ14rFIRgFrAlGEWhoyb1A078hOFLG9ynvQcdl3YmwhkX5NZDHCEB8RpTRPTbm3
S81laSjsB+nWEhEy12cyETU9BcPyam6JGx0FCadIJ9l+YkdGkYqttRpSGoHEv//j
8OkTRSg8voAD8xmjA4Bxq0t97SoPD/iWJrZV3Noi6SKWYncc6V/LFRwewF2fzLvl
bHy7lxplI2+ednLQm6umAvVd7zMExqRNCSCwlQSzjUBXRKCXUmuiFyG/k6/bCj3E
Bq6jlDNW+yt5iniO7CnLc4mn8RIYkB4Dgs05qs2t/w==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:59 2025 by rpki-client